Vulnerabilities

This is a simple module that supports listing existing Vulnerabilities

Example Syntax


    - name: List Vulnerabilities
        registry_vulnerability_info:
            registry: "RegistryName"
            repository: "repositoryName"
            arifact: "<arifact_digest>"
        register: vulnerabilities_response


    - name: Show Vulnerabilities
        debug:
            var: vulnerabilities_response.result

Returned object

{
    "href": "<base_api>/registries/0d6fd999-9bf9-462c-a148-951198ebca8f/repositories/image-test/artifacts/<digest>",
    "id": "vulnerabilities",
    "items": [
        {
            "href": "<base_api>/vulnerabilities/<ID>",
            "id": "<ID>",
            "metadata": {
                "publishedAt": "<datetime>",
                "updatedAt": "<datetime>"
            },
            "properties": {
                "affects": [
                    {
                        "name": "libc-bin",
                        "type": "deb",
                        "version": "2.31-0ubuntu9.2"
                    },
                    {
                        "name": "libc6",
                        "type": "deb",
                        "version": "2.31-0ubuntu9.2"
                    }
                ],
                "dataSource": {
                    "id": null,
                    "url": null
                },
                "description": "<description>",
                "fixable": true,
                "recommendations": "<recommendations>",
                "references": [
                    "<references>"
                ],
                "score": 2.5,
                "severity": "medium"
            },
            "type": "vulnerability"
        }
    ],
    "limit": 100,
    "links": {
        "next": null,
        "prev": null,
        "varSelf": "<base_api>/registries/0d6fd999-9bf9-462c-a148-951198ebca8f/repositories/image-test/artifacts/<digest>?limit=100&offset=100&orderBy=-score"
    },
    "offset": 0,
    "type": "collection"
}

For more examples please check out the tests here.

Available parameters:

Name
Required
Description

registry str

True

The ID or name of an existing Registry.

repository str

True

The name of an existing Repository.

artifact str

True

The digest of an existing Artifact.

filters dict

False

Filter that can be used to list only objects which have a certain set of propeties. Filters should be a dict with a key containing keys and value pair in the following format: 'properties.name': 'server_name'

api_url str

False

The Ionos API base URL.

certificate_fingerprint str

False

The Ionos API certificate fingerprint.

username str

False

The Ionos username. Overrides the IONOS_USERNAME environment variable.

password str

False

The Ionos password. Overrides the IONOS_PASSWORD environment variable.

token str

False

The Ionos token. Overrides the IONOS_TOKEN environment variable.

Last updated